Re: Unwanted programs on Win2K
From: Pez Mohr (boredMDer74@msn.com)
Date: 02/05/03
- Previous message: Pez Mohr: "Re: Syskey on Win2k"
- In reply to: Kamran Muzaffer: "Re: Unwanted programs on Win2K"
- Next in thread: dave: "RE: Unwanted programs on Win2K"
- Reply: dave: "RE: Unwanted programs on Win2K"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Pez Mohr" <boredMDer74@msn.com> To: "Kamran Muzaffer" <kmahmed@cyber.net.pk>, "Gedi" <gediintheuk@yahoo.co.uk>, <security-basics@securityfocus.com> Date: Wed, 5 Feb 2003 15:18:51 -0500
Kamran Muzaffer wrote:
> Hi Gedi,
>
> I tried to _crack_ a .SAM file located in c:\WINNT\repair with LC4,
> but it only shows Administrator and guest accounts and those are not
> the current passwords either. I think windows saves the initial copy
> of the password database there. That's the very reason why I think
> its not that dangerous to leave that file there ( may be as a backup
> ) because if it is so simple to recover all the Windows passwords,
> than curing it, would have been the first step in all Win security
> manuals.
I heard something in the past about when first installing Windows, it will
save a backup copy of the SAM to '%WinDir%\repair'. Whenever you use
NTBACKUP, however, if you choose to backup 'System State', then it copies
the SAM and puts it in '%WinDir%\repair' (if this is incorrect, please
correct me). So if anyone has run NTBACKUP, be sure to head over to the
repair directory, and delete the backups contained there.
Pez Mohr
boredMDer74@msn.com
PGP Key: http://tinyurl.com/3rmk
Fingerprint: 35F0 4088 BCA3 457C FDE4 3ABC 4E02 1AD7 9EBE 09FE
- Next message: Gedi: "Re: Unwanted programs on Win2K"
- Previous message: Pez Mohr: "Re: Syskey on Win2k"
- In reply to: Kamran Muzaffer: "Re: Unwanted programs on Win2K"
- Next in thread: dave: "RE: Unwanted programs on Win2K"
- Reply: dave: "RE: Unwanted programs on Win2K"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
